<%= modules.inject(""){|t,x| "#{t}\nmodule #{x}"} %>
class <%=class_basename%>Controller < ApplicationController
			ssl_required :index, :show, :signup, :edit, :update, :destroy
			# Move to ApplicationController
			include Authenticator
      before_filter :login_required, :only => [:show, :edit, :update]
			# Protect these actions behind an admin login
			# before_filter :admin_required, :only [:destroy, :index, :show]
			before_filter :find_user, :only => [:destroy]

      # GET /users
      # GET /users.xml
      def index
        @<%=table_name%> = <%= model_class_basename %>.all

        respond_to do |format|
          format.html # index.html.erb
          format.xml  { render :xml => @<%=table_name%> }
        end
      end

      # GET /users/1
      # GET /users/1.xml
      def show
				# TODO: modify so an admin can see another user's account
        @<%=model_file_name%> = current_<%=model_file_name%>

        respond_to do |format|
          format.html # show.html.erb
          format.xml  { render :xml => @<%=model_file_name%> }
        end
      end


      # GET /users/signup
      # GET /users/signup.xml
      def signup
        @<%=model_file_name%> = <%= model_class_basename%>.new( :email => params[:email])

        respond_to do |format|
          format.html # signup.html.erb
          format.xml  { render :xml => @<%=model_file_name%> }
        end
      end

      # GET /users/1/edit
      def edit
				# TODO: modify using authorized so an admin can edit another user's account
        @<%=model_file_name%> = current_<%=model_file_name%>
      end

      # POST /users
      # POST /users.xml
      def create
				cookies.delete :auth_token
        @<%=model_file_name%> = <%=model_class_basename%>.new(params[:<%=model_file_name%>])

        respond_to do |format|
          begin
            @<%=model_file_name%>.save!
            self.current_<%=model_file_name%> = @<%=model_file_name%>
            flash[:notice] = 'Account was successfully created.'
            format.html { redirect_back_or_default("/")}
            format.xml  { render :xml => @<%=model_file_name%>, :status => :created, :location => @<%=model_file_name%> }
          rescue ActiveRecord::RecordInvalid
            format.html {
              logger.info "user=#{@<%=model_file_name%>.inspect}"
              render 'signup'
            }
            format.xml  { render :xml => @<%=model_file_name%>.errors, :status => :unprocessable_entity }
          end
        end
      end

      # PUT /users/1
      # PUT /users/1.xml
      def update
				# TODO: modify using authorized so an admin can update another user's account
        @<%=model_file_name%> = current_<%=model_file_name%>

        respond_to do |format|
          params_hash = params[:<%=model_file_name%>].merge(:email_confirmation => @<%=model_file_name%>.email)
          if @<%=model_file_name%>.update_attributes(params_hash)
            flash[:notice] = 'User was successfully updated.'
            format.html { redirect_back_or_default("/")}
            format.xml  { head :ok }
          else
            format.html { render 'edit'}
            format.xml  { render :xml => @<%=model_file_name%>.errors, :status => :unprocessable_entity }
          end
        end
      end

      # DELETE /users/1
      # DELETE /users/1.xml
      def destroy
        @<%=model_file_name%>.destroy

        respond_to do |format|
          format.html { redirect_to(<%=table_name%>_url) } #index
          format.xml  { head :ok }
        end
      end

protected
			def find_<%=model_file_name%>
				@<%=model_file_name%> = <%= model_class_basename%>.find(params[:id])
			end

end
<%= modules.inject(""){|t,x| "#{t}end\n"} %>
